Impersonate

Customisable object selector.

Introduction

The Impersonate selector is responsible for presenting a list of objects (in a grid) for the user to select from.

The Impersonate selector completes when the user has selected an option.

Can be nestled with other authenticators, selectors and chains.

Configuration

Authenticator type: Impersonate

Common Authenticator configuration can be found here.

// Use case - To act on behalf of someone else
// Supported by default together with Fortified ID Password reset same Fortified ID Enrollment.
// Function is supported to be used for any SAML SP application.
{
  "id": "impersonate",
  "type": "Impersonate",
  "display_name": "Impersonate",
  "config": {
    "base_path": "${globals.default_login_suffix}",
    "expiry": "PT1S",
    "overlay_dir": "${globals.default_overlay_dir}",
    "exec_if": "mv.containsAny(exports.spEntityID, 'https://dev.fortifiedid.se/pwdreset/', 'https://dev.fortifiedid.se/enrollment/')",
    "pipe_id": "impersonate_selector_pipe",
    "values": [
      {
        "key": "displayName",
        "label": "label1"
      },
      {
        "key": "sAMAccountName",
        "label": "label2"
      },
      {
        "key": "mail",
        "label": "label3"
      }
    ],
    "show_filtering": true,
    "include_self": true,
    "custom_identifier": "FortifiedID_Test",
    "identifier_attribute": "mail",
    "selected_id_parameter": "object_id"
  },
  "description": "The Impersonate selector is responsible for presenting a list of objects (in a grid) for the user to select from."
}

// Use case - Choose persona
// If your login is associated with multiple accounts, select the account you want to log in with.
{
  "id": "choose_persona",
  "type": "Impersonate",
  "display_name": "Choose persona",
  "config": {
    "base_path": "${globals.default_login_suffix}",
    "expiry": "PT1S",
    "overlay_dir": "${globals.default_overlay_dir}",
    "pipe_id": "choose_persona_pipe",
    "auto_select": true,
    "values": [
      {
        "key": "displayName",
        "label": "ChoosePersonaName"
      },
      {
        "key": "sAMAccountName",
        "label": "ChoosePersonaUserID"
      },
      {
        "key": "mail",
        "label": "ChoosePersonaMail"
      }
    ],
    "show_filtering": true,
    "include_self": false,
    "custom_identifier": "FortifiedID_Test",
    "identifier_attribute": "mail",
    "selected_id_parameter": "mail"
  },
  "description": "The Impersonate selector is responsible for presenting a list of objects (in a grid) for the user to select from."
}

Values

The values array represents the columns to be shown in the grid.

Name

Description

Default

Mandatory

key

Item parameter. The value will be presented in the column for each object.

label

Column label translation key.

"values":[
         {
            "key":"displayName",
            "label":"label1"
         },
         {
            "key":"givenName",
            "label":"label2"
         },
         {
            "key":"sAMAccountName",
            "label":"label3"
         },
         {
            "key":"mail",
            "label":"label4"
         },
         {
            "key":"cn",
            "label":"label5"
         }
      ]

Data exposed to global state

When a value is selected, the Impersonate authenticator is marked as done and populates the configured selected_id_parameter property with the identifier value obtained from the selection.

Logging

WEB_100040("Impersonate selector completed")

IDENTIFIER (user trace id)
CUSTOMER_IDENTIFIER (if configured)
SOURCE_USER_NAME (id of selected object if anything selected, pipe not empty)
SOURCE_ADDRESS (ip of the remote session)
AUTHENTICATOR_ID (id + display_name of authenticator)

WEB_100041("Impersonate selector completed - self selected")

IDENTIFIER (user trace id)
CUSTOMER_IDENTIFIER (if configured)
SOURCE_ADDRESS (ip of the remote session)
AUTHENTICATOR_ID (id + display_name of authenticator)

API

API follows the general conventions of the Fortified Web Authenticator API.

Messages

Selector authenticators supports the following messages:

Init (request+response)

Init message must be sent before/during the view is loading. Response contains the options that should be presented to the user.

Init may be called while authenticator is in progress under the following circumstances:

Callback from selected authenticator
Browser reload (user refreshes page)
Browser back (user cancels selected authenticator and navigates back)

{
  "type" : "init",
  "data" : {}
}

{
  "type" : "init",
  "success" : true,
  "data" : {
    "options" : [
      {
        "id" : "<option-id>",
        "target" : "<authenticator-id>",
        "label" : "<option-text-or-translation-key> 
      },
    ]
  }
}

Action (request+response)

The action message is used for selecting an option. This message is triggered by a user action.

{
  "type" : "action",
  "data" : {
    "selected" : "<option-id>"
  }
}

Complete (response)

The complete response message is sent when the authentication has completed. If message contains a location property; view must redirect user agent to the supplied location.

{
  "type" : "complete",
  "success" : true,
  "data" : { 
    "location" : "<next-location>"
  }
}

Translation keys

Default translations provided:

English, assets/locales/en.json

{
  "impersonate_selector.header": "Choose",
  "impersonate_selector.paragraph": "Choose a user to impersonate",
  "impersonate_selector.label1": "Label 1",
  "impersonate_selector.label2": "Label 2",
  "impersonate_selector.label3": "Label 3",
  "impersonate_selector.label4": "Label 4",
  "impersonate_selector.label5": "Label 5",
  "impersonate_selector.label6": "Label 6",
  "impersonate_selector.label7": "Label 7",
  "impersonate_selector.label8": "Label 8",
  "impersonate_selector.label9": "Label 9",
  "impersonate_selector.label10": "Label 10",
  "impersonate_selector.error": "An error occured",
  "impersonate_selector.cancel": "Cancel",
  "impersonate_selector.self_button": "Login as myself",
  "allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
  "allow-cookies-button": "Approve language cookie",
  "authentication.help_text": "",
  "table.page": "Page {{pageIndex}} of {{pageCount}}",
  "change_language": ""
}

Swedish, assets/locales/sv.json

{
  "impersonate_selector.header": "Välj",
  "impersonate_selector.paragraph": "Välj en användare att logga in som",
  "impersonate_selector.label1": "Rubrik 1",
  "impersonate_selector.label2": "Rubrik 2",
  "impersonate_selector.label3": "Rubrik 3",
  "impersonate_selector.label4": "Rubrik 4",
  "impersonate_selector.label5": "Rubrik 5",
  "impersonate_selector.label6": "Rubrik 6",
  "impersonate_selector.label7": "Rubrik 7",
  "impersonate_selector.label8": "Rubrik 8",
  "impersonate_selector.label9": "Rubrik 9",
  "impersonate_selector.label10": "Rubrik 10",
  "impersonate_selector.error": "Ett fel har inträffat",
  "impersonate_selector.cancel": "Avbryt",
  "impersonate_selector.self_button": "Logga in som mig själv",
  "allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av  språk-cookie.",
  "allow-cookies-button": "Godkänn språk-cookie",
  "table.page": "Sida {{pageIndex}} av {{pageCount}}",
  "authentication.help_text": "",
  "change_language": ""
}

PreviousChain NextImpersonate with search

hashtagIntroduction

hashtagConfiguration

hashtagValues

hashtagData exposed to global state

hashtagLogging

hashtagAPI

hashtagMessages

hashtagInit (request+response)

hashtagAction (request+response)

hashtagComplete (response)

hashtagTranslation keys

hashtagEnglish, assets/locales/en.json

hashtagSwedish, assets/locales/sv.json